JP2009301344A - Image output authentication system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To allow a predetermined function, such as, a printing job to be executed, regardless of the change of identification information such as a user password, by automatically adding predetermined information for clearing authentication processing to a printing job, in the print job from a logged-in information processing terminal. <P>SOLUTION: An image output authentication system comprises an MFP 10, a PC 20 and an authentication server 30 (intermediate authentication server 40) connected via a network 50. The authentication server 30 (40) comprises an operation part 331 (431), the PC 20 adds predetermined information for clearing authentication processing to a print job to be transmitted to the MFP 10, and the MFP 10 performs processing, for skipping authentication processing or performs processing to output an authentication request to the authentication server 30 (40), when the predetermined information for clearing authentication processing is transmitted to the MFP. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to an authentication technique performed in response to a specific job request from an information processing terminal to an image output apparatus.

  Conventionally, when using a device connected to a network environment, the user ID or password identification information is required to be entered for security against information leakage, and the authentication result for the input identification information is determined to be valid. The use of the device is allowed when it is done. Japanese Patent Application Laid-Open No. 2004-228688 sends an authentication file in response to a request from the user by the user authentication function built in the image forming apparatus in authentication printing, and returns the authentication file after the identification information is input by the user. On the other hand, there has been proposed a user authentication method for performing an authentication process for determining the validity. In Patent Document 2, authentication information corresponding to identification information input by an identification information input unit is not registered in a storage unit in an information processing apparatus in which access restrictions to specific information and apparatus use restrictions are set. In this case, an information processing apparatus is proposed in which authentication information input by the authentication information input unit is registered in the storage unit in association with the identification information input by the identification information input unit.

In recent years, an authentication system in which a plurality of image output apparatuses, information processing terminals such as a plurality of personal computers, and an authentication server are connected to a network is known. Under such a network environment, the authentication server is authenticated when the information processing terminal logs in. Specifically, when the information processing terminal is activated, a login name and password input screen is displayed. By inputting these pieces of information (identification information), authentication information registered in advance by the authentication server is entered. A collation is performed to determine whether there is validity. On the other hand, use restrictions may be imposed on certain jobs such as print jobs requested to the image output apparatus using the printer driver function of the information processing terminal. When sending a print job to the image output device, identification information is added to the print job. Normally, the identification information is not input by the user, and the identification information input when the print job is first issued is registered in the registry. After that, the stored identification information is read from the registry or the like and automatically added to the print job, thereby eliminating the complexity of the input operation.
JP 2006-195656 A JP 2007-128323 A

By the way, in the authentication system such as Active Directory, from the viewpoint of security, the password of the user is forcibly changed by the administrator every fixed period, for example, 90 days. The identification information stored in is not automatically updated. In such a case, when the user requests a print job from the information processing terminal in use to the image output device, the identification information having the password before change that is captured in the information processing terminal is automatically included in the print job. Therefore, it is determined that the result of the authentication process is not valid, and printing is prohibited. However, when issuing a print job, the user does not directly input his / her password using the operation unit, so he / she does not notice that his / her password has been changed and immediately knows why printing was prohibited. There are many things that cannot be done. As a result, the work efficiency of the user is reduced, the number of inquiries from each user to the administrator is increased, and the man-hours for the administrator are also increased.

The present invention has been made in view of the above, and in the case of a print job from a logged-in information processing terminal, identification information such as a user's password is automatically added to the print job by adding predetermined information for clearing the authentication process. It is an object of the present invention to provide an image output authentication system that enables execution of a predetermined function such as a print job regardless of whether information has been changed.

  According to the first aspect of the present invention, at least one image output device that outputs an image and an operation from an operation unit are received, and image data corresponding to the image is transmitted to the image output device to output an image. And at least one information processing terminal having an image output driver function unit for issuing an image output job for instructing, and an input from the operation unit transmitted from the information processing terminal at the time of login An image output authentication system in which an authentication server that performs authentication processing based on an authentication request having identification information including a login name and a password is connected via a network, and the authentication server stores authentication information of each user A database, and the image output driver function unit of the information processing terminal authenticates the image output job to be transmitted to the image output device. The image output apparatus performs authentication processing when predetermined information for clearing the authentication processing is transmitted from the image output driver function unit. One of a process to be omitted and a process to output an authentication request to the authentication server is performed.

  According to this invention, when the information processing terminal connected to the network is activated, login authentication is executed with the authentication server. When a print job is generated from the information processing terminal authenticated at the time of login using the image output driver function unit, predetermined information for clearing the authentication process is added to the print job and specified. Sent to the image output apparatus. The image output apparatus performs a process of omitting the authentication process as the predetermined information when the predetermined information for clearing the authentication process is added to the print job from the image output driver function unit. Depending on the content of the predetermined information, one of the processes for outputting an authentication request to the authentication server is performed.

Therefore, even if a part of the authentication information, for example, the password is changed regularly or as necessary by the administrator, even if the user is ignorant of this change, printing from the logged-in information processing terminal When a job is executed, predetermined information for clearing the authentication process is automatically added to the print job. Therefore, regardless of whether or not the identification information such as the user password is changed, the predetermined function such as the print job is Execution becomes possible.

  The invention described in claim 2 is the image output authentication system according to claim 1, wherein the predetermined information for clearing the authentication processing is specific information preset in the image output driver function unit, It is information that is distinguished from the identification information, and the image output apparatus omits the authentication process when the predetermined information for clearing the authentication process is the specific information. It is characterized by. According to this configuration, as the predetermined information for clearing the authentication process, the specific information preset in the printer driver function unit is information that is distinguished from the identification information. Therefore, it is possible to recognize that the information is predetermined information for clearing the authentication process. Therefore, in the case of the specific information, the authentication process is omitted, and a part of the authentication information, for example, a password is periodically In other words, the print job can be executed even if the user has changed the information as necessary or necessary, and the user does not know the change.

  According to a third aspect of the present invention, in the image output authentication system according to the first aspect, at the time of login of the information processing terminal, the authentication server performs at least an external authentication server that performs authentication processing and an authentication condition of the external authentication server. And an intermediate authentication server in which local authentication conditions including use restrictions on the functions of the image output apparatus are set, and the predetermined information for clearing the authentication process includes the image output driver function unit. Specific information set in advance, which is information that is distinguished from the identification information, and the process of outputting the authentication request in the image output job is performed on the intermediate authentication server, The intermediate authentication server may omit the authentication process when the predetermined information for clearing the authentication process is the specific information. And characterized in that. According to this configuration, when the predetermined information for clearing the authentication process is specific information preset in the image output driver function unit and is information that is distinguished from the identification information, the image output device The intermediate authentication server requests authentication, and the intermediate authentication server omits the authentication process when the predetermined information for clearing the authentication process is specific information. Regardless of whether or not the identification information such as the password is changed, it is possible to execute a predetermined function such as a print job.

  According to a fourth aspect of the present invention, in the image output authentication system according to the first aspect, the image output apparatus is information indicating that the predetermined information for clearing the authentication process has been authenticated at the time of login. In some cases, the authentication process is omitted. According to this configuration, since authentication is omitted in the image output apparatus when authenticated, a predetermined function such as a print job can be executed regardless of whether or not the identification information such as the user password is changed. It becomes.

According to a fifth aspect of the present invention, in the image output authentication system according to any one of the first to fourth aspects, the image output driver function unit causes the image output apparatus to print an image. It is characterized by being. According to this configuration, when an image is printed, a predetermined function such as a print job can be executed regardless of whether or not the identification information such as the user password is changed.

  According to the present invention, even if a part of authentication information, for example, a password is changed periodically or as necessary by an administrator, even if the user is ignorant of this change, the logged-in information processing When a print job is sent from the terminal, the specified information for clearing the authentication process is automatically added to the print job. Therefore, regardless of whether the identification information such as the user password has been changed, It is possible to execute a predetermined function. In addition, image output operations such as image printout can be performed smoothly, and inquiries to the administrator of the authentication server can be eliminated, thereby eliminating complexity.

  FIG. 1 is a schematic configuration diagram showing an embodiment of an image output authentication system according to the present invention. In FIG. 1, an image output authentication system 1 includes at least one multi-function peripherals (hereinafter referred to as “MFP”) 10 as an image output device and at least one information processing terminal 20 (such as a personal computer). (Hereinafter referred to as “PC”), an authentication server 30 for determining whether or not the basic authentication condition is valid, and a function added to the basic authentication condition, for example, function usage restrictions, etc. In other words, the intermediate authentication servers 40 that determine whether or not the local authentication conditions are valid are connected on the network 50 so that data can be transmitted and received between them. The network 50 may be a local area network (LAN), typically a corporate in-house LAN, or a wide area network system (WAN) such as the Internet.

  FIG. 2 is a configuration diagram showing functional parts related to the present invention among the functions of the MFP 10. 2, the MFP 10 is connected to the image processing function unit 100, a control unit 110 for causing the image processing function unit 100 to execute a predetermined operation, and an authentication process to be described later, and the control unit 110. The ROM 121 stores an image processing program, a program for authentication processing, and other predetermined programs, and a RAM 122 that temporarily stores information being processed. In addition, the MFP 10 includes a panel operation unit 131 configured with a touch panel, a numeric keypad, and the like for performing operation instructions from the outside, and a display unit 132 configured with a liquid crystal panel for confirming operation contents and displaying a guide screen for input. And. Each program is expanded and executed in the work area of the RAM 122 as necessary at the time of execution.

  The image processing function unit 100 includes a scanner unit 101 that optically reads a document image, a printer unit 102 that receives a request from the PC 20 or the like and prints an image on a recording sheet, and optically reads and reads the document image. Of the copying unit 103 for copying on recording paper and the facsimile (Fax) unit 104 for transmitting / receiving image information to / from other facsimile apparatuses via a public line, at least the printer unit 102 is provided, or all functional units It has.

  Specifically, the control unit 110 is configured by a central processing unit (CPU), and causes each control unit (not shown) of the corresponding image processing function unit 100 to execute an operation for the image processing. Unit 111, an authentication function validity determination unit 112 for determining the validity of the authentication function of MFP 10, an identification information acquisition unit 113 that extracts identification information for authentication from print job data, which will be described later, and an acquisition The identification information processing unit 114 that determines whether the authentication process is performed on the identified identification information, that is, whether or not authentication can be omitted, and whether or not the intermediate authentication server 40 requires authentication, and the intermediate authentication server 40 is authenticated. Transmission / reception of information between the authentication request processing unit 115 that executes processing for a request and a result when it is obtained, and the PC 20, the authentication server 30, and the intermediate authentication server 40. Functionally includes a communication unit 116 that row.

  FIG. 3 is a configuration diagram illustrating functional portions mainly related to authentication among the functions of the PC 20. In FIG. 3, the PC 20 includes an OS (Operation System) unit 200 having basic software for controlling the operation of the basic hardware portion of the PC 20 and a required registry (storage area in the hard disk), and an upper layer of the OS unit 200. The control unit 210 is prepared for controlling the overall operation of the PC 20, the ROM 221 is connected to the control unit 210 and stores various image processing application programs, font data, and other predetermined data, and information in the middle of processing is temporarily stored. And a RAM 222 for storing data. The PC 20 also includes an operation unit 231 configured with a touch panel, a mouse, a numeric keypad, and the like for performing operation instructions from the outside, and a display unit 232 for confirming operation contents and displaying a screen for input. . In addition to the work area, the RAM 222 has a memory area for storing created document data, document data imported from an external storage medium (not shown), and image data for a required period. Each program is developed and executed in the work area of the RAM 222 as necessary at the time of execution.

  The control unit 210 is specifically composed of a CPU, and is an information processing unit 211 that operates according to various application programs, an MFP authentication function determination unit 212 that determines whether the MFP 10 has an authentication function, and an MFP 10 When a job based on the application program occurs, for example, when a print job occurs, an identification information processing unit 213 that prepares identification information to be added to the print job or predetermined information for clearing the authentication process, and an operation unit A print job creation unit 214 that performs processing of specifying image data (including text) to be printed and creating a print job and adding identification information to the created print job, the MFP 10, and intermediate authentication Functionally includes a communication unit 215 that transmits and receives information to and from the server 40. .

Of the control unit 210, the identification information processing unit 213, the print job creation unit 214, and the communication unit 215 constitute a printer driver unit for the print job. The identification information includes an IP (Internet Protocol) address of the PC 20, a Mac (Media Access Control) address of the PC 20, a user login name (user ID), a user password, and at least the user ID of the user and the user password. included. Each of these data is created as having a predetermined size or a predetermined size width in accordance with a preset rule.

  FIG. 4 is a configuration diagram of the authentication server 30. In FIG. 4, the authentication server 30 stores information that can be distinguished from other users and the PC 10 such as the login name and password of each user, the IP address and Mac address of each PC 10, that is, information necessary for authentication processing. An authentication information database 300, a control unit 310 that performs authentication processing and database management, a ROM 321 that is connected to the control unit 310 and stores a program for authentication processing and database management, and information that is being processed is temporarily stored And a RAM 322 for storing the data. In addition, the authentication server 30 includes an operation unit 331 configured by a touch panel, a numeric keypad, and the like for performing operation instructions from the outside, and a display unit 332 for confirming operation contents and displaying a guide screen for input. Yes.

  The control unit 310 is specifically composed of a CPU, and mainly includes an authentication processing unit 311 that executes authentication processing at the time of login, data management of the authentication information database 300, and changes of authentication information at regular or required times. An authentication information management unit 312 that manages processing and a communication unit 313 that performs transmission and reception of information among the MFP 10, the PC 20, and the intermediate authentication server 40 are functionally included. In the present embodiment, the authentication server 30 is an Active Directory type authentication system, and from the viewpoint of security, for example, authentication of passwords or the like for all users or predetermined partial users at regular intervals. Information is changed by the administrator via the operation unit 331. The changed authentication information is updated in the authentication information database 300 for each user. The communication unit 313 allows only the user's own information to be viewed on the website by the web browser of the PC 10 on the website, or authentication information such as an updated password for each update. May be distributed using e-mail.

  FIG. 5 is a configuration diagram of the intermediate authentication server 40. In FIG. 5, the intermediate authentication server 40 includes a local authentication condition storage unit 400 that stores a local authentication condition that is an authentication condition for restricting the function use of the MFP 10 in addition to the basic authentication condition of the authentication server 30. A control unit 410 that performs authentication processing, a ROM 421 that is connected to the control unit 410 and stores a program for authentication processing, and a RAM 422 that temporarily stores information being processed. The intermediate authentication server 40 also displays an operation unit 431 configured with a touch panel, a numeric keypad, and the like for performing an operation instruction from the outside, and a guide screen for confirming operation contents and inputting information as necessary. Part 432 is provided.

  The control unit 410 is specifically configured by a CPU and functionally includes a local authentication processing unit 411 that executes local authentication processing and a communication unit 412 that executes transmission and reception of information with the MFP 10. Note that the communication units 116, 215, 313, and 412 have a predetermined communication protocol, and include an encryption processing unit and a decryption processing unit so that transmission information can be encrypted and transmitted as necessary.

  Here, the content of the predetermined information for clearing the authentication process prepared by the identification information processing unit 213 of the PC 20 will be described.

The printer driver unit (as described above, the identification information processing unit 213, the print job creation unit 214, and the communication unit 215 in the control unit 210, which are related to the print job) is input via the operation unit 231 during login, When the identification information stored in the registry of the OS unit 200 can be acquired, the information added to the print job is only the identification information as in the prior art. In this case, when the OS unit 200 receives authenticated information from the authentication server 30 at the time of login, the printer driver unit displays information indicating that authentication has been performed instead of the identification information. To be added to. The information indicating that the authentication has been completed is created as data that can be distinguished from the identification information set to a predetermined size in accordance with the processing rules described above.

  On the other hand, if the printer driver unit cannot input the identification information and the authenticated information that are input via the operation unit 231 at the time of login and stored in the registry of the OS unit 200, the printer driver unit adds the information to the print job. As the predetermined information for clearing the authentication process, the following specific information is selectively set.

(A) authenticated information,
(B) A specific character string, specifically a character string that cannot be input by the printer driver unit (can be distinguished from identification information or authenticated information), for example, a character string exceeding the maximum number of characters, a prohibited character, A string less than the minimum string,
(C) When the information to be set as the identification information is specified from the intermediate authentication server 40, and the display / non-display of the information is set, the specific character input in the non-display field ,
(D) The login name (user ID) preferably includes a specific character string at the beginning.

The specific information of any one of (a) to (d) is stored in a given storage unit of all or a part of the predetermined PC 20 at the time of system construction or at a necessary time thereafter. It may be an aspect that is read and automatically added to a print job, or software that is a printer driver unit in which any specific information of (a) to (d) is set in advance, or It may be installed in all or some of the predetermined PCs 20 at a later necessary time. In the latter case, this indicates a specific printer driver unit.

  6 to 9 are flowcharts showing the flow of authentication processing executed in each device. FIG. 6 is a flowchart of authentication processing between the PC 20 and the authentication server 30 at the time of login.

  In FIG. 6, first, when the PC 20 is turned on and started up, and an identification information input guide screen is displayed on the display unit 232, an operation for inputting login name and password identification information is accepted via the operation unit 231. (Step S1). Next, the input identification information is transmitted to the authentication server 30 as a login request (step S3).

  On the other hand, when the authentication server 30 receives a login request including identification information from the PC 20 (step # 1), the authentication processing unit 311 receives the identification received from the authentication information for each user stored in the authentication information database 300. Information corresponding to the information is extracted, and collation processing between the two is executed (step # 3). Then, when the authentication process by collation is completed, authentication result information is returned to the corresponding PC 20 (step # 5).

  When the PC 20 receives the authentication result information from the authentication server 30 (step S5), the authentication result is determined (step S7). If the authentication result is affirmed, a login termination process is performed and the authentication is performed. Information is stored in the registry of the OS unit 200 (step S9). At this time, the identification information input from the operation unit 231 may be stored in the registry of the OS unit 200. On the other hand, if the authentication result is negative, an authentication failure display and a re-input guidance screen are displayed on the display unit 232 as necessary (step S11).

  FIG. 7 is a flowchart showing a flow of identification information addition processing to a print job in the printer driver unit of the PC 20. In FIG. 7, first, when image data to be printed is designated by the operation unit 231 and print job creation processing is accepted, it is determined whether or not the authentication function for the print job in the MFP 10 is valid (set). It is executed (step S21). If the authentication function for the print job is not set (is not valid), the print job is transmitted to the MFP 10 without adding identification information for authentication (step S31).

  On the other hand, if the authentication function for the print job is set in the MFP 10, the identification information processing unit 213 determines whether or not the identification information captured at the time of login can be acquired from the registry of the OS unit 200 (step S23). ). If the identification information at the time of login can be acquired from the registry, the identification information processing unit 213 reads the identification information from the registry of the OS unit 200, and the read identification information is converted into a print job by the print job creation unit 214. It is added (step S25). Alternatively, as another aspect of the print job creation unit 214, the authenticated information is added to the print job as specific information.

On the other hand, if the identification information at the time of login cannot be acquired from the registry, the identification information processing unit 213 causes the printer driver unit to store predetermined information for clearing the above-described authentication processing (the specific information (a) to It is determined whether or not (any of (d)) is set (step S27). If the predetermined information is set, this information is added as identification information to the print job by the print job creation unit 214 (step S29). On the other hand, if the predetermined information as the identification information is not set, the print job is transmitted to the MFP 10 without adding the identification information (step S31). In this manner, predetermined information for clearing the authentication is added to the print job in steps S25 and S29.

  FIG. 8 is a flowchart showing a flow of authentication processing in the MFP 10. In FIG. 8, when a print job to which identification information is added is received from the PC 20 (step S41), it is determined whether the authentication function of the MFP 10 is valid (step S43). If the authentication function of the MFP 10 is not valid, the print job is executed without performing authentication (step S61).

  On the other hand, when the authentication function of the MFP 10 is valid, an acquisition process of identification information added to the print job is executed (step S45). Next, it is determined whether or not specific information is included as the acquired identification information (step S47). If specific information is included, it is determined whether or not this specific information is information indicating that the authentication server 30 has already been authenticated at the time of login (step S49). If the information indicates that the authentication has been completed, it is determined that the authentication has been completed, and the authentication process is omitted (step S53). On the other hand, if the specific information is not information indicating that authentication has been completed, whether or not a specific character string or the like (any of the specific information (a) to (d) described above) is included in the identification information. Is determined (step S51), and if a specific character string or the like is included in the identification information, the authentication process is omitted in step S53 as a specific printer driver unit.

  On the other hand, if a specific character string or the like (any of the specific information (a) to (d) described above) is not included in the identification information in step S51, that is, if some other information exists, and step If the specific information is not included in S47, that is, only the identification information acquired from the registry, the authentication request processing unit 115 acquires the information in Step S45 so that the intermediate authentication server 40 performs the authentication process. An authentication request is transmitted to the intermediate authentication server 40 together with the identification information (step S55). Next, reception of authentication result information from the intermediate authentication server 40 is performed (step S57). For example, when the authentication result information is received within the required time (YES in step S57), the identification information processing unit 114 If the authentication result is determined (step S59) and the authentication result is affirmed, the print job is executed (step S61). On the other hand, if the authentication result is negative, the print job is prohibited (step S63). Then, a notification to that effect is returned to the PC 10 that issued the print job request, for example, information such as authentication failure or printing failure, and displayed on the display unit 232.

  FIG. 9 is a flowchart showing the flow of authentication processing by the intermediate authentication server 40. In FIG. 9, when an authentication request is received from the MFP 10 (step # 11), an authentication process is executed by the local authentication processing unit 411 (step # 13). When the authentication process ends (step # 15), authentication result information is returned to the MFP 10 that issued the authentication request (step # 17).

  The processing shown in each of the flowcharts is executed by the control unit (CPU) of each device executing a program stored in a storage medium such as a ROM.

  In addition, the following aspects are employable for this invention.

(1) In a print job, first, in order to obtain authentication, the image data to be printed, that is, image data (including documents) desired to be printed is not transmitted, and only a request for a print job with identification information added is made. It is good also as an aspect which transmits the image data of printing object at the time of permission.

(2) In the present embodiment, the MFP 10 performs the process of step S51 in FIG. 8, but the intermediate authentication server 40 may perform the process.

(3) In this embodiment, the printer driver unit related to a print job has been described. However, the present invention is not limited to this, and the present invention may be applied to an image output driver unit for a predetermined image output such as a facsimile job from an information processing terminal.

(4) In this embodiment, the MFP is exemplified as the image output device, but an image output device other than the MFP, such as a printer or a facsimile, may be used.

It is a schematic block diagram which shows one Embodiment of the image output authentication system which concerns on this invention. FIG. 2 is a configuration diagram showing functional parts related to the present invention among functions of an MFP. It is the block diagram which showed the function part mainly relevant to authentication among the functions of PC. It is a block diagram of an authentication server. It is a block diagram of an intermediate authentication server. It is a flowchart of the authentication process of PC and an authentication server at the time of login. 6 is a flowchart illustrating a flow of identification information addition processing for a print job in a printer driver unit of a PC. 6 is a flowchart showing a flow of authentication processing in the MFP. It is a flowchart which shows the flow of the authentication process by an intermediate | middle authentication server.

Explanation of symbols

1 Image Output Authentication System 10 MFP (Image Output Device)
20 PC (information processing terminal)
DESCRIPTION OF SYMBOLS 30 Authentication server 40 Intermediate authentication server 102 Printer part 110 Control part 113 Identification information acquisition part 114 Identification information processing part 115 Authentication request processing part 200 OS part 213 Identification information processing part (It comprises a part of printer drive function part regarding a print job)
214 Print job creation unit (part of the printer drive function unit for print jobs)
215 Communication unit (part of the printer drive function unit for print jobs)
311 Authentication processing unit 312 Authentication information management unit 411 Local authentication processing unit

Claims (5)

At least one image output device that outputs an image, and an image output job that receives an operation from the operation unit, sends image data corresponding to the image to the image output device, and instructs the image output An identification including at least one information processing terminal having an image output driver function unit to be operated, and a login name and a password that are transmitted from the information processing terminal at the time of log-in and accepted by the operation unit. An image output authentication system in which an authentication server that performs authentication processing based on an authentication request having information is connected via a network,
The authentication server includes a database that stores authentication information of each user,
The image output driver function unit of the information processing terminal adds predetermined information for clearing authentication processing to the image output job to be transmitted to the image output device,
The image output device includes a process for omitting the authentication process and a process for outputting an authentication request to the authentication server when predetermined information for clearing the authentication process is transmitted from the image output driver function unit. An image output authentication system that performs one of the above. The predetermined information for clearing the authentication process is specific information preset in the image output driver function unit, and is information that is distinguished from the identification information.
2. The image output authentication according to claim 1, wherein the image output apparatus omits the authentication process when the predetermined information for clearing the authentication process is the specific information. system. The authentication server includes at least an external authentication server that performs authentication processing at the time of login of the information processing terminal, and local authentication that includes usage restrictions on the functions of the image output device that are added to the authentication conditions of the external authentication server It consists of an intermediate authentication server with conditions set,
The predetermined information for clearing the authentication process is specific information preset in the image output driver function unit, and is information that is distinguished from the identification information.
The process of outputting the authentication request in the image output job is performed on the intermediate authentication server,
The image output authentication according to claim 1, wherein the intermediate authentication server omits the authentication process when the predetermined information for clearing the authentication process is the specific information. system.   The image output apparatus omits the authentication process when the predetermined information for clearing the authentication process is information indicating that authentication has been performed at the time of login. Item 8. The image output authentication system according to Item 1. The image output authentication system according to claim 1, wherein the image output driver function unit is a printer driver function unit that causes the image output apparatus to print an image.

Images